• No results found

F-Secure and Server Security. Deployment Guide

N/A
N/A
Protected

Academic year: 2021

Share "F-Secure and Server Security. Deployment Guide"

Copied!
141
0
0

Loading.... (view fulltext now)

Full text

(1)

Server Security

(2)

F-Secure Corporation disclaims proprietary interest in the marks and names of others. Although F-Secure Corporation makes every effort to ensure that this information is accurate, F-Secure Corporation will not be liable for any errors or omission of facts contained herein. F-Secure Corporation reserves the right to modify specifications cited in this document without prior notice.

Companies, names and data used in examples herein are fictitious unless otherwise noted. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of F-Secure Corporation.

Copyright © 1993-2012 F-Secure® Corporation. All rights reserved. Portions:

Copyright © 2004 BackWeb Technologies Inc. Copyright © 1991-2010 Commtouch® Software Ltd. Copyright © 1997-2009 BitDefender.

Copyright © Yooichi Tagawa, Nobutaka Watazaki, Masaru Oki, Tsugio Okamoto Copyright © 1990-2002 ARJ Software, Inc.

Copyright © 1990-2003 Info-ZIP Copyright © 1996-2000 Julian R Seward

Copyright © 1996-2009, Daniel Stenberg, daniel@haxx.se

This product includes software developed by the Apache Software Foundation (http://www.apache.org/). Copyright © 2000-2004 The Apache Software Foundation. All rights reserved.

This product includes PHP, freely available from http://www.php.net/. Copyright © 1999-2010 The PHP Group. All rights reserved.

(3)

This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). Copyright © 1995-1998 Eric Young (eay@cryptsoft.com). All rights reserved.

This product includes software written by Tim Hudson (tjh@cryptsoft.com). Copyright © 1994-2010 Lua.org, PUC-Rio.

Copyright © Reuben Thomas 2000-2010.

Copyright © 2005 Malete Partner, Berlin, partner@malete.org

This software is copyrighted by the Regents of the University of California, Sun Microsystems, Inc., Scriptics Corporation, ActiveState Corporation and other parties.

Copyright © 1996-2001 Intel Corporation (http://www.intel.com) Copyright © 2004, 2005 Metaparadigm Pte Ltd

This product includes code from SpamAssassin. The code in the files of the SpamAssassin distribution are Copyright © 2000-2002 Justin Mason and others, unless specified otherwise in that particular file. All files in the SpamAssassin distribution fall under the same terms as Perl itself, as described in the "Artistic License". This product includes optional Microsoft SQL Server 2008 R2 Express Edition.

Copyright © 2010 Microsoft Corporation. All rights reserved.

This product may be covered by one or more F-Secure patents, including the following: GB2353372, GB2366691, GB2366692, GB2366693, GB2367933, GB2368233, GB2374260.

(4)

1

About This Guide

4

How This Guide Is Organized ... 5

Conventions Used in F-Secure Guides... 6

Chapter 1

Introduction

8

1.1 Overview ...9

1.2 How the Product Works ...10

1.3 Key Features...13

1.4 Scanning Methods ...16

Chapter 2

Deployment

17

2.1 Installation Modes ...18

2.2 Deployment Scenarios ...19

2.2.1 Deploying F-Secure E-mail and Server Security to a stand-alone server ...19

2.2.2 Deploying F-Secure E-mail and Server Security with Policy Manager...20

2.2.3 Single File, Terminal or Exchange Server ...21

2.2.4 Multiple Exchange 2003 Servers...22

2.2.5 Multiple Exchange Server 2007/2010 Roles ...23

2.2.6 Large organization using Exchange 2007/2010 ...24

2.2.7 Centralized Quarantine Management...26

Chapter 3

System Requirements

30

3.1 System Requirements for Installation without Anti-Virus for Microsoft Exchange...31

(5)

2

3.2.4 Network Requirements for E-mail and Server Security ...39

3.3 Centralized Management Requirements...40

3.4 Other System Component Requirements ...40

3.4.1 SQL Server Requirements ...40

3.4.2 Additional Windows Components...42

3.4.3 Web Browser Software Requirements ...42

Chapter 4

Installation

44

4.1 Installing F-Secure E-mail and Server Security from Policy Manager ...45

4.2 Installing F-Secure E-mail and Server Security to Microsoft Exchange Server ...59

4.3 Upgrading from previous product versions ...78

4.3.1 Upgrading from the centralized installation of F-Secure Anti-Virus for Windows Server with Policy Manager 10.0178 4.3.2 Upgrading from F-Secure Anti-Virus for Microsoft Exchange with Policy Manager 10.0178 4.3.3 Upgrading from F-Secure Anti-Virus for Microsoft Exchange...79

4.4 Registering the Evaluation Version ...80

4.5 Uninstalling the Product ...81

Chapter 5

Configuring the Product

82

5.1 Configuring the Product ...83

5.2 Network Configuration...84

5.3 Configuring F-Secure Spam Control ...86

5.3.1 Realtime Blackhole List Configuration...86

5.3.2 Optimizing F-Secure Spam Control Performance ...89

Appendix A Deploying the Product on a Cluster

90

A.1 Installation Overview ... 91

A.2 Creating Quarantine Storage ...93

A.2.1 Quarantine Storage in Active-Passive Cluster ...93

A.2.2 Quarantine Storage in Active-Active Cluster ...98

(6)

3

A.2.5 Creating the Quarantine Storage for a Database

Availability Group Environment ...112

A.3 Installing the Product...116

A.3.1 Installing on Clusters with Quarantine as Cluster Resource ...116

A.3.2 Installing on Clusters with Quarantine on a Dedicated Computer ...119

A.4 Administering the Cluster Installation with F-Secure Policy Manager...123

A.5 Using the Quarantine in the Cluster Installation...124

A.6 Using the Product with High Availability Architecture in Microsoft Exchange Server 2010125 A.7 Uninstallation...126

A.8 Troubleshooting ...127

Appendix B Services and Processes

128

B.1 List of Services and Processes ... 129

Technical Support

133

F-Secure Online Support Resources ... 134

Software Downloads ...136

Virus Descriptions on the Web ...136

(7)

4

How This Guide Is Organized... 5

Conventions Used in F-Secure Guides ... 6

(8)

How This Guide Is Organized

F-Secure E-mail and Server Security Deployment Guide is divided into the following chapters:

Chapter 1.

Introduction. General information about F-Secure E-mail and Server Security and other F-Secure Anti-Virus Mail Server and Gateway products.

Chapter 2.

Deployment. Instructions and examples how to set up your network environment before you can install the product.

Chapter 3.

System Requirements. System and network requirements for product components.

Chapter 4.

Installation. Instructions how to install and set up the product.

Chapter 5.

Configuring the Product. Instructions on how to configure the product to take it into use.

Appendix A.

Deploying the Product on a Cluster. Instructions how to deploy and use the product on a cluster.

Appendix B.

Services and Processes. Describes services, devices and processes of the product.

Technical Support. Contains the contact information for assistance. About F-Secure Corporation. Describes the company background and products.

See the F-Secure Policy Manager Administrator's Guide for detailed information about installing and using the F-Secure Policy Manager components:

 F-Secure Policy Manager Console, the tool for remote

administration of the product.

 F-Secure Policy Manager Server, which enables communication

between F-Secure Policy Manager Console and the managed systems.

(9)

Conventions Used in F-Secure Guides

This section describes the symbols, fonts, and terminology used in this manual.

Symbols

Fonts

Arial bold (blue) is used to refer to menu names and commands, to buttons and other items in a dialog box.

Arial Italics (blue) is used to refer to other chapters in the manual, book titles, and titles of other manuals.

Arial Italics (black) is used for file and folder names, for figure and table

captions, and for directory tree names.

Courier New is used for messages on your computer screen. Courier New bold is used for information that you must type. SMALLCAPS (BLACK) is used for a key or key combination on your keyboard.

WARNING: The warning symbol indicates a situation with a risk of irreversible destruction to data.

IMPORTANT: An exclamation mark provides important information

that you need to consider.

REFERENCE - A book refers you to related information on the topic available in another document.

l

NOTE - A note provides additional information that you should consider.

TIP - A tip provides information that can help you perform a task more quickly or easily.

(10)

Arial underlined (blue) is used for user interface links.

Arial italics is used for window and dialog box names.

PDF Document

This manual is provided in PDF (Portable Document Format). The PDF document can be used for online viewing and printing using Adobe® Acrobat® Reader. When printing the manual, please print the entire manual, including the copyright and disclaimer statements.

For More Information

Visit F-Secure at http://www.f-secure.com for documentation, training courses, downloads, and service and support contacts.

In our constant attempts to improve our documentation, we would welcome your feedback. If you have any questions, comments, or suggestions about this or any other F-Secure document, please contact us at documentation@f-secure.com.

(11)

8

1

I

Overview... 9

How the Product Works... 10

Key Features ... 13

(12)

1.1

Overview

Malicious code, such as computer viruses, is one of the main threats for companies today. In the past, malicious code spread mainly via disks and the most common viruses were the ones that infected disk boot sectors. When users began to use office applications with macro capabilities - such as Microsoft Office - to write documents and distribute them via mail and groupware servers, macro viruses started spreading rapidly.

Nowadays the most common spreading mechanism for viruses is Web. Even fraudulent e-mails usually contain a link to a browser exploit or a phishing web site. F-Secure E-mail and Server Security includes

Browsing Protection, which protects the Internet browsing for all users of the server.

F-Secure Anti-Virus Mail Server and Gateway products are designed to protect your company's mail and groupware servers and to shield the company network from any malicious code that travels in HTTP or SMTP traffic. In addition, they protect your company network against spam. The protection can be implemented on the gateway level to screen all

incoming and outgoing e-mail (SMTP), web surfing (HTTP and FTP-over-HTTP) and file transfer (FTP) traffic. Furthermore, it can be implemented on the mail server level so that it does not only protect inbound and outbound traffic but also internal mail traffic and public sources, such as public folders on Microsoft Exchange servers. Providing the protection already on the gateway level has plenty of advantages. The protection is easy and fast to set up and install, compared to rolling out antivirus protection on hundreds or thousands of workstations. The protection is also invisible to the end users which ensures that the system cannot be by-passed and makes it easy to maintain. Of course, protecting the gateway level alone is not enough to provide a complete antivirus solution; file server and workstation level protection is needed, also.

Why clean 1000 workstations when you can clean one attachment at the gateway level?

(13)

1.2

How the Product Works

The product is designed to detect and disinfect viruses and other malicious code from e-mail transmissions through Microsoft Exchange Server. Scanning is done in real time as the mail passes through

Microsoft Exchange Server. On-demand scanning of user mailboxes and public folders is also available.

Scanning

Attachments and

Message Bodies

The product scans attachments and message bodies for malicious code. It can also be instructed to remove particular attachments according to the file name or the file extension.

If the intercepted mail contains malicious code, the product can be configured to disinfect or drop the content. Any malicious code found during the scan process can be placed in the Quarantine, where it can be further examined. Stripped attachments can also be placed in the

Quarantine for further examination.

Flexible and Scalable

Anti-Virus Protection

The product is installed on Microsoft Exchange Server and it intercepts mail traveling to and from mailboxes and public folders. The messages and documents are scanned with the scanning component, F-Secure Content Scanner Server, which also disinfects the infected messages.

Alerting

The product has extensive alerting functions, which means that the

system administrator can specify a recipient, such as the network administrator, to be notified about the infection found in the data content.

Powerful and Always

Up-to-date

The product uses the award-winning F-Secure Anti-Virus techniques and scanning engines to ensure the highest possible detection rate and disinfection capability. The F-Secure Anti-Virus definition databases are updated typically multiple times a day and they provide an always up-to-date protection capability.

F-Secure Anti-Virus scanner consistently ranks at the top when compared to competing products. Our team of dedicated virus researchers is on call 24-hours a day responding to new and emerging threats. In fact,

F-Secure is one of the only companies to release tested virus definition updates continuously, to make sure our customers are receiving the highest quality service and protection.

(14)

Real-time

Protection

Network

F-Secure's Real-time Protection Network is an online service which provides rapid response against Internet-based threats.

The Real-time Protection Network uses reputation services to obtain information about the latest Internet threats. When Real-time Protection Network finds a suspicious application on the server, you benefit from the analysis results when the same application has been found on other devices already. Real-time Protection Network improves the overall performance, as the product does not need to scan any applications that Real-time Protection Network has already analyzed and found clean. Similarly, information about malicious websites and unsolicited bulk messages is shared through Real-time Protection Network, and we are able to provide you with more accurate protection against web site exploits and spam messages.

Virus and Spam

Outbreak Detection

Massive spam and virus outbreaks consist of millions of messages which share at least one identifiable pattern that can be used to distinguish the outbreak. Any message that contains one or more of these patterns can be assumed to be a part of the same spam or virus outbreak.

The product can identify these patterns from the message envelope, headers and body, in any language, message format and encoding type. It can detect spam messages and new viruses during the first minutes of the outbreak.

Stand-alone and

Centralized

Administration Modes

The product can be installed either in stand-alone or centrally

administered mode. Depending on how the product has been installed, it is managed either with the Web Console or F-Secure Policy Manager.

Scalability and

Reliability

F-Secure Policy Manager provides a scalable way to manage the security of multiple applications on multiple operating systems, from one central location.F-Secure Policy Manager is comprised of two components, F-Secure Policy Manager Console and F-Secure Policy Manager Server, which are used to administer applications. They are seamlessly

integrated with the F-Secure Management Agents that handle all management functions on local hosts.

Easy to

Administer

If the product is installed in stand-alone mode it can be managed with the web-based user interface.

(15)

If the product is installed in centrally administered configuration, it is managed with F-Secure Policy Manager. With its graphical user interface, F-Secure Policy Manager Console provides a centralized view of the domains and hosts in your network, lets you configure the security policies for all F-Secure components and set up scheduled scans and run manual scanning operations. F-Secure Policy Manager receives status information from the product.

F-Secure Policy Manager Server is the server side component that handles communication between the product and F-Secure Policy Manager Console. It exchanges security policies, software updates, status information, statistics, alerts, and other information between F-Secure Policy Manager Console and all managed systems.

Figure 1-1 (1) E-mail arrives from the Internet to F-Secure E-mail and Server Security, which (2) filters malicious content from mails and attachments, and (3) delivers cleaned files forward.

(16)

1.3

Key Features

The product provides the following features and capabilities.

Superior

Protection

 Stops all malware at the server and protects e-mails, file sharing,

web browsing, critical system processes, and system configuration.

 Superior detection rate with multiple scanning engines.

 Scanning engines updated automatically with the latest versions.  Automatic malicious code detection and disinfection.

 The grayware scan detects spyware, adware, dialers, joke

programs, remote access tools, and any other unwelcome files and programs.

 Heuristic scanning detects also unknown Windows and macro

viruses.

 Recursive scanning of ARJ, BZ2, CAB, GZ, JAR, LZH, MSI,

RAR, TAR, TGZ, Z and ZIP archive files.

 Automatic and consistent virus definition database updates.  Suspicious and unsafe attachments can be stripped away from

e-mails.

 Password protected archives can be treated as unsafe.  Intelligent file type recognition.

 Message filtering based on keywords in message subjects and

text.

Virus

Outbreak

Detection

 The virus outbreak detection is an additional active layer of

protection that automatically detects virus outbreaks and quarantines suspicious messages.

 Virus outbreaks are transparently detected and infected

messages are quarantined before the outbreak becomes widespread.

 Quarantined unsafe messages can be reprocessed

(17)

Transparency

and Scalability

 Viruses are intercepted before they can enter the network and

spread out on workstations and servers.

 Real-time scanning of internal, inbound and outbound mail

messages and public folder notes.

 Automatic protection of new mailboxes and public folders.  Total transparency to end-users. Users cannot bypass the

system, which means that messages and documents cannot be exchanged without scanning.

Management

 Controlling and monitoring the behavior of the products remotely.  Starting predefined operations remotely.

 Monitoring statistics provided by the products remotely with

F-Secure Policy Manager or the Web Console.

 Possibility to configure and manage stand-alone installations with

the convenient the Web Console.

 You can manage and search quarantined content with the Web

Console.

Protection

against

Spam

 Spam messages are transparently detected before they become

widespread.

 Efficient spam detection based on different analyses on the

e-mail content.

 Multiple filtering mechanisms guarantee the high accuracy of

spam detection.

 Spam messages can be separated from legitimate messages and

processed using the Spam Confidence Levels.

(18)

DeepGuard

 DeepGuard protects your server in real-time from new and

unknown treats and attacks.

 Combines enhanced system monitoring, executable file behavior

and reputation analysis and intrusion prevention features.

 Uses in-the-cloud protection techniques to provide fast reaction

times against the latest threats.

 DeepGuard can be configured to handle and block suspicious

files automatically without requiring any user interaction.

Browsing

Protection

 Browsing Protection protects you from web sites that may steal

your personal information, including credit card numbers, user account information, and passwords.

 Blocks access to malicious, undesired, and suspicious sites

(19)

1.4

Scanning Methods

Virus Scanning

The virus scan uses virus definition databases to detect and disinfect viruses. Virus definition databases are updated typically multiple times a day and they provide an always up-to-date protection capability.

Heuristic Scanning

The heuristic scan analyzes files for suspicious code behavior so that the product can detect unknown malware.

Proactive Virus Threat Detection

The proactive virus threat detection analyzes e-mail messages for possible virus patterns and security threats. All possibly harmful

messages are quarantined as unsafe. The proactive virus threat detection can detect new viruses during the first minutes of the outbreak.

Grayware Scanning

The grayware scan detects applications that have annoying or

undesirable behavior that can reduce the performance of computers on the network and introduce significant security risks to your organization. Grayware includes spyware, adware, dialers, joke programs, remote access tools, and any other unwelcome files and programs that can perform a variety of undesired and threatening actions, such as irritating users with pop-up windows, logging user key strokes, and exposing the computer to vulnerabilities.

(20)

17

2

D

EPLOYMENT

Installation Modes... 18

Deployment Scenarios ... 19

(21)

2.1

Installation Modes

The product can be installed locally at the server, or remotely to one or more servers with F-Secure Policy Manager.

Administration Modes

The product can be installed either in stand-alone or centrally

administered mode. In stand-alone installation, the product is managed with Web Console. In centrally administered mode, it is managed centrally with F-Secure Policy Manager.

To administer the product in the centrally administered mode, you have to install F-Secure Policy Manager on a dedicated computer.

E-mail Security components can be installed only locally.

For up-to-date information on supported platforms, see F-Secure Policy Manager Release Notes.

(22)

2.2

Deployment Scenarios

Depending on how the Microsoft Exchange Server roles are deployed in your environment, you might consider various scenarios of deploying the product. There are various ways to deploy the product that are suitable to different environments:

 If you have just a single file, terminal or Microsoft Exchange

Server, see “Single File, Terminal or Exchange Server”, 21.

 If you have multiple Microsoft Exchange Servers, see “Multiple

Exchange 2003 Servers”, 22.

 If you have multiple Microsoft Exchange Servers with Exchange

Edge and Mailbox Server roles, see “Multiple Exchange Server 2007/2010 Roles”, 23.

 If you have multiple Microsoft Exchange Servers deployed on

dedicated servers with server roles and possibly clustered mailbox servers, see “Large organization using Exchange 2007/ 2010”, 24.

 If you have multiple Microsoft Exchange Server installations and

you want to configure the product to use one SQL server and database for the quarantine management, see “Centralized Quarantine Management”, 26.

2.2.1

Deploying F-Secure E-mail and Server Security to a

stand-alone server

In corporations with one or two servers (Microsoft Exchange Server 2003/ 2007/2010 or Microsoft Small Business Server 2003/2008/2011) that hold all mailboxes, public folders and send and receive all inbound and outbound messages over SMTP. You can administer each server in stand-alone mode.

This is a typical scenario in companies that run Microsoft Small Business Server. Make sure that your hardware and the system configuration meet the system and network requirements.

(23)

Installing F-Secure Anti-Virus for Microsoft Exchange

To install the product, login to the server with local administrative privileges and run the setup. For more information, see “Installing F-Secure E-mail and Server Security to Microsoft Exchange Server”, 59.

Administration Modes

After you have installed the product, use the product Web Console to configure your product. For more information, see “Configuring the Product”, 82.

2.2.2

Deploying F-Secure E-mail and Server Security with

Policy Manager

In corporations with multiple servers and workstations, we recommend that you use F-Secure Policy Manager to centrally manage the product. Make sure that servers where you install the product meet the system and network requirements.

To install the product to servers:

1. Download the remote installation package (jar file) of the product and import it to F-Secure Policy Manager Console.

2. Install F-Secure E-mail and Server Security to the target servers. If target servers are in the policy domain already, use the policy-based installation. Otherwise, use the push-installation. 3. After the installation is complete, import new hosts to the Policy

Manager domain.

4. Install E-mail Security components locally to servers running

Microsoft Exchange Server. Use the centralized administration mode and connect the product to the same Policy Manager.

If you have F-Secure E-mail and Server Security license, use F-Secure E-mail and Server Security remote installation package with the filename ess_9.20-rtm.jar.

If you have F-Secure Server Security license, use F-Secure Server Security remote installation package with the filename ss_9.20-rtm.jar.

(24)

2.2.3

Single File, Terminal or Exchange Server

Your organization has a single server (Microsoft Exchange Server 2003/ 2007/2010 or Microsoft Small Business Server 2003/2008/2011) that holds all mailboxes, public folders and sends and receives all inbound and outbound messages over SMTP. Usually, the server is located behind the firewall or router.

Installing F-Secure Anti-Virus for Microsoft Exchange

Install the product to the server running Microsoft Exchange Server or Microsoft Small Business Server.

Administration Modes

You can install the product in stand-alone mode and administer it with the Web Console.

The product receives anti-virus and spam database updates from F-Secure Update Server.

(25)

2.2.4

Multiple Exchange 2003 Servers

Your organization has multiple Microsoft Exchange Server 2003 installations. Usually, the front-end server is located in the perimeter network and receives inbound mail using SMTP and forwards all

messages to the back-end server. The back-end Exchange server holds all mailboxes and public folders. In a larger organization, back-end servers may be clustered.

Installing F-Secure Anti-Virus for Microsoft Exchange

Install the product to both front-end and back-end Exchange servers. In addition, the front-end server can be protected with F-Secure Spam Control.

Administration Modes

Install F-Secure Policy Manager Server on a dedicated server or on the same server with one of Exchange servers. You can administer the product with F-Secure Policy Manager Console.

When you install the product, configure each installation to connect to the same F-Secure Policy Manager Server.

The product installations receive anti-virus and spam database updates from F-Secure Policy Manager Server, which receives updates from F-Secure Update Server.

(26)

2.2.5

Multiple Exchange Server 2007/2010 Roles

Your organization has multiple Microsoft Exchange Server 2007/2010 installations. Exchange Edge and Mailbox Server roles are deployed to separate servers and the Hub Server is deployed either on a separate server or on the same server with the Mailbox Server. The Edge Server handles incoming and outgoing messages using SMTP and Mailbox Server holds all mailboxes and public folders and Hub Server routes mail traffic between Exchange servers.

Installing F-Secure Anti-Virus for Microsoft Exchange

Install the product to all servers where Exchange Edge, Hub and Mailbox Server roles are deployed. In addition, the Edge server can be protected with F-Secure Spam Control.

Administration Modes

Install F-Secure Policy Manager Server on a dedicated server or on the same server with one of Exchange servers. You can administer the product with F-Secure Policy Manager Console.

If the Exchange role is changed later, the product has to be reinstalled.

(27)

When you install the product, configure each installation to connect to the same F-Secure Policy Manager Server.

The product installations receive anti-virus and spam database updates from F-Secure Policy Manager Server, which receives updates from F-Secure Update Server.

2.2.6

Large organization using Exchange 2007/2010

Your organization has multiple Microsoft Exchange Server 2007/2010 installations. All Exchange roles are deployed on dedicated servers. Mailbox servers are possibly clustered.

(28)

Installing F-Secure Anti-Virus for Microsoft Exchange

Install the product to the server where Exchange Edge, Hub and Mailbox Server roles are deployed. In addition, the Edge server can be protected with F-Secure Spam Control.

Do not install the product to Client Access or Unified Messaging Server roles.

Installing F-Secure Spam Control

F-Secure Spam Control can be installed on the Edge server.

Administration Modes

Install F-Secure Policy Manager Server on a dedicated server. You can administer the product with F-Secure Policy Manager Console.

When you install the product, configure each installation to connect to the same F-Secure Policy Manager Server.

The product installations receive anti-virus and spam database updates from F-Secure Policy Manager Server, which receives updates from F-Secure Update Server.

(29)

2.2.7

Centralized Quarantine Management

Your organization has multiple Microsoft Exchange Server installations. For example, you have front-end and back-end servers running

Exchange Server 2003, or a network configuration with Edge and Mailbox roles running Exchange Server 2007/2010.

Microsoft SQL Server is installed on a dedicated server or on the server running F-Secure Policy Manager Server.

(30)

Installing the product

When you install the product, configure each installation to use the same SQL server and database.

 Make sure that the SQL server, the database name, user name

and password are identical in the quarantine configuration for all F-Secure Anti-Virus for Microsoft Exchange installations.

 Make sure that all the servers are allowed to communicate with

the SQL server using mixed mode authentication. For more information, see “Enabling the mixed mode authentication in the Microsoft SQL Server”, 27.

 In environments with heavy e-mail traffic, it is recommended to

use a Microsoft SQL server installed on a separate server. When using the free Microsoft SQL Server 2008 R2 included with the product, the Quarantine database size is limited to 10 GB.

 You can use the Web Console to manage and search

quarantined content.

Enabling the mixed mode authentication in the Microsoft SQL

Server

If you install Microsoft SQL Server 2005/2008 separately, it supports Windows Authentication only by default. You have to change the authentication to mixed mode during the setup or configure it later with Microsoft SQL Server user interface.

The mixed mode authentication allows you to log into the SQL server with either your Windows or SQL username and password.

Follow these steps to change the authentication mode:

1. Open Microsoft SQL Server Management Studio or Microsoft SQL Server Management Studio Express.

If you do not have Microsoft SQL Server Management Studio

installed, you can freely download Management Studio Express from the Microsoft web site.

Make sure that the sa password is strong when you change the authentication mode from the Windows authentication to the mixed authentication mode.

(31)

2.

Connect to the SQL server.

3.

In Object Explorer, go to Security > Logins.

4.

Right-click on sa and select Properties.

5.

Open the General page and change the password. Confirm the new password that you entered.

6.

Open the Status page and select Enabled in the Login section.

7.

Click OK.

8.

In Object Explorer, right-click on the server name and select

Properties.

9.

On the Security page, select SQL Server and Windows

Authentication mode under Server authentication.

10.

Click OK.

11.

Right-click on the server name and select Restart.

Wait for a moment for the service to restart before you continue.

12.

Use Management Studio to test the connection to the SQL server with the sa account and the new password you set.

(32)
(33)

30

3

S

R

System Requirements for Installation without Anti-Virus for

Microsoft Exchange... 31

System Requirements for Installation with Anti-Virus for Microsoft

Exchange... 32

Centralized Management Requirements... 40

Other System Component Requirements... 40

(34)

3.1

System Requirements for Installation without

Anti-Virus for Microsoft Exchange

The minimum and recommended requirements for installing and using the product on the server that does not have Microsoft Exchange Server are:

Processor: Any processor based on Intel x86 (I386) or AMD x64 / Intel EM64T architecture that can run the corresponding Microsoft Windows Server (Intel Pentium 4 2GHz or higher recommended)

Operating system:

 Microsoft® Windows Server 2003 with

the latest service pack

 Microsoft® Windows Server 2003 R2  Microsoft® Windows Server 2008  Microsoft® Windows Server 2008 R2  Microsoft® Small Business Server

2003

 Microsoft® Small Business Server

2003 R2

 Microsoft® Small Business Server

2008

 Microsoft® Small Business Server

2011, Standard edition Memory: 512MB (1GB or more recommended) Disk space: 1,1 GB for installation and updates

(35)

3.2

System Requirements for Installation with

Anti-Virus for Microsoft Exchange

The product is installed on the computer running Microsoft Exchange Server.

3.2.1

Installation on Microsoft Exchange Server 2003

The product can be installed on a computer running Microsoft® Exchange Server 2003 with the latest service pack

Display: At least 8-bit [256 colors] (16-bit or more [65000 colors] recommended)

Internet connection: Required to receive updates and to use the real-time protection network

Web browser: Required to administer the product

 Microsoft Internet Explorer 6.0 or later  Mozilla Firefox 3.0 or later

 Any other web browser that supports

HTTP 1.0, SSL, JavaScript and cookies may be used as well.

The release notes document contains the latest information about the product and might have changes to system requirements and the installation procedure. It is highly recommended to read the release notes before you proceed with the installation.

Processor: Any processor based on Intel x86 (I386) or AMD x64 / Intel EM64T architecture that can run the corresponding 32-bit Microsoft Windows Server

(36)

Operating system:  Microsoft® Windows Server 2003

Standard Edition with the latest service pack

 Microsoft® Windows Server 2003

Enterprise Edition with the latest service pack

 Microsoft® Windows Server 2003 R2

Standard Edition

 Microsoft® Windows Server 2003 R2

Enterprise Edition

 Microsoft® Small Business Server

2003

 Microsoft® Small Business Server

2003 R2

Memory: 1 GB minimum

Disk space to install: 2 GB for installation and updates Disk space for

processing:

10 GB or more. The required disk space depends on the number of mailboxes, amount of data traffic and the size of the Information Store.

Internet connection: Required to receive updates and to use the real-time protection network

Web browser: Required to administer the product

 Microsoft Internet Explorer 6.0 or later  Mozilla Firefox 3.0 or later

 Any other web browser that supports

HTTP 1.0, SSL, JavaScript and cookies may be used as well.

(37)

Cluster Environment

The product supports the following cluster models of Microsoft Exchange Server 2003:

 Active - Active Cluster  Active - Passive Cluster

For detailed instructions how to deploy and install the product on a cluster, see “Deploying the Product on a Cluster”, 90.

3.2.2

Installation on Microsoft Exchange Server 2007

The product can be installed on a computer running one of the following Microsoft Exchange Server versions:

 Microsoft® Exchange Server 2007 (64-bit version) with the latest

service pack

 Microsoft® Small Business Server 2008

The 32-bit evaluation version of Microsoft Exchange Server 2007 is not supported.

(38)

Processor: Any processor based on AMD x64 / Intel EM64T architecture that can run the corresponding 64-bit Microsoft Windows Server

Intel Pentium 4 2GHz or higher

Operating system:  Microsoft® Windows Server 2003,

Standard x64 Edition with the latest service pack

 Microsoft® Windows Server 2003,

Enterprise x64 Edition with the latest service pack

 Microsoft® Windows Server 2003 R2,

Standard x64 Edition

 Microsoft® Windows Server 2003 R2,

Enterprise x64 Edition

 Microsoft® Windows Server 2008,

Standard Edition (x64)

 Microsoft® Windows Server 2008,

Enterprise Edition (x64)

 Microsoft® Small Business Server

2008

Memory: 2 GB minimum

(39)

Microsoft Exchange Server Roles

The product supports the following roles of Microsoft Exchange Server 2007:

 Edge Server role  Hub Server role  Mailbox Server role

 Combo Server (Mailbox Server and Hub Server roles)

Cluster Environment

The product supports the following cluster models of Microsoft Exchange Server 2007:

 Cluster Continuous Replication (CCR)  Single Copy Cluster (SCC)

For detailed instructions how to deploy and install the product on a cluster, see “Deploying the Product on a Cluster”, 90.

Disk space for processing:

10 GB or more. The required disk space depends on the number of mailboxes, amount of data traffic and the size of the Information Store.

Internet connection: Required to receive updates and to use the real-time protection network

Web browser: Required to administer the product

 Microsoft Internet Explorer 6.0 or later  Mozilla Firefox 3.0 or later

 Any other web browser that supports

HTTP 1.0, SSL, JavaScript and cookies may be used as well.

(40)

3.2.3

Installation on Microsoft Exchange Server 2010

The product can be installed on a computer running the following Microsoft Exchange Server version:

 Microsoft® Exchange Server 2010

 Microsoft® Exchange Server 2010 (without service pack or with

service pack 1 or 2)

 Microsoft® Small Business Server 2011

Processor: Any processor based on AMD x64 / Intel EM64T architecture that can run the corresponding 64-bit Microsoft Windows Server

Operating system:  Microsoft® Windows Server 2008,

Standard Edition (x64)

 Microsoft® Windows Server 2008,

Enterprise Edition (x64)

 Microsoft® Windows Server 2008 R2,

Standard Edition

 Microsoft® Windows Server 2008 R2,

Enterprise Edition

 Microsoft® Small Business Server

2008

 Microsoft® Small Business Server

2011, Standard edition

Memory: 4 GB minimum

(41)

Microsoft Exchange Server Roles

The product supports the following roles of Microsoft Exchange Server 2010:

 Edge Server role  Hub Server role  Mailbox Server role

 Combo Server (Mailbox Server and Hub Server roles)

Cluster Environment

The current version of the product supports Microsoft Exchange Server 2010 high-availability solutions based on Database Availability Groups (DAG).

Disk space for processing:

10 GB or more. The required disk space depends on the number of mailboxes, amount of data traffic and the size of the Information Store.

Internet connection: Required to receive updates and to use the real-time protection network

Web browser: Required to administer the product

 Microsoft Internet Explorer 6.0 or later  Mozilla Firefox 3.0 or later

 Any other web browser that supports

HTTP 1.0, SSL, JavaScript and cookies may be used as well.

(42)

3.2.4

Network Requirements for E-mail and Server Security

This network configuration is valid for all scenarios described in this chapter. Make sure that the following network traffic can pass through:

Service Process Inbound ports Outbound ports

F-Secure Content Scanner Server

%ProgramFiles%\F-Secure\Cont ent Scanner Server\fsavsd.exe

18971 (TCP) (on localhost only)

DNS (53, UDP/TCP), HTTP (80) or another known port used for HTTP proxy

F-Secure E-mail and Server Security WebUI Daemon

%ProgramFiles%\F-Secure\Web User Interface\bin\fswebuid.exe

25023 DNS (53, UDP and TCP), 1433 (TCP), only with the dedicated SQL server F-SecureAutomatic Update Agent %ProgramFiles%\F-Secure\FSA UA\program\fsaua.exe - DNS (53, UDP and TCP), HTTP (80) and/or another port used to connect to F-SecurePolicy Manager Server

F-Secure Network Request Broker %ProgramFiles%\F-Secure\Com mon\fnrb32.exe - DNS (53, UDP/TCP), HTTP (80) or another port used to connect to F-Secure Policy Manager Server F-Secure Management Agent %ProgramFiles%\F-Secure\Com mon\fameh32.exe - DNS (53, UDP/TCP), SMTP (25) F-Secure Quarantine Manager %ProgramFiles%\F-Secure\Quar antine Manager\fqm.exe - DNS (53, UDP/TCP), 1433 (TCP), only with the dedicated SQL server

F-Secure ORSP Client %ProgramFiles%\F-Secure\ORS P Client\fsorsp.exe

- DNS (53, UDP/TCP), HTTP (80, or the port used for HTTP proxy)

(43)

3.3

Centralized Management Requirements

F-Secure Policy Manager 9.00 or later is required if you plan to install the product in the centralized administration mode and manage it with F-Secure Policy Manager Console.

We recommend that you use F-Secure Policy Manager 10.01 to administer all the features in the product.

3.4

Other System Component Requirements

When you install the product with Anti-Virus for Microsoft Exchange, it requires Microsoft SQL Server for the e-mail quarantine management. Depending on the selected deployment and administration method, you may need have some additional software as well.

3.4.1

SQL Server Requirements

The product requires Microsoft® SQL Server for the quarantine management. The following versions of Microsoft SQL Server are recommended to use:

 Microsoft SQL Server 2005 (Enterprise, Standard, Workgroup or

Express edition) with the latest service pack

 Microsoft SQL Server 2008 (Enterprise, Standard, Workgroup or

Express edition)

Microsoft SQL Server 2008 R2 Express Edition SP1 is distributed with the product and can be installed during F-Secure E-Mail and Server Security setup.

If you are using a previous version of F-Secure Policy Manager, upgrade it to the latest version before you install F-Secure E-mail and Server Security 9.20.

When centralized quarantine management is used, the SQL server must be reachable from the network and file sharing must be enabled.

(44)

The product supports also Microsoft SQL Server 2000 with Service Pack 4 and Microsoft SQL Server 2000 Desktop Engine (MSDE) with Service Pack 4.

Which SQL Server to Use for the Quarantine Database?

As a minimum requirement, the Quarantine database should have the capacity to store information about all inbound and outbound mail to and from your organization that would normally be sent during 2-3 days.

Take the following SQL server specific considerations into account when deciding which SQL server to use:

Microsoft SQL Server

2005/2008 Express

Edition

 When using Microsoft SQL Server 2005/2008 R2 Express

Edition, the Quarantine database size is limited to 4 GB (2005 version) or 10 GB (2008 R2 version).

 Microsoft SQL Server 2005/2008 Express Edition supports

Microsoft Windows Server 2008.

It is not recommended to use Microsoft SQL Server 2005/2008

Express Edition if you are planning to use centralized quarantine management with multiple product installations.

The upgrade installation does not upgrade the SQL server if you choose to use the existing database and the remote upgrade installation does not install or upgrade SQL Server and change the Quarantine database.

If you want to upgrade the SQL Server version that you use, follow the recommendations on the Microsoft web site:

http://www.microsoft.com/sqlserver/en/us/default.aspx

Microsoft SQL Server 2008 R2 Express Edition is delivered with F-Secure E-mail and Server Security, and you can install it during the setup.

(45)

Microsoft SQL

Server 2000, 2005

and 2008

 If your organization sends a large amount of e-mails, it is

recommended to use Microsoft SQL Server 2000, 2005 or 2008.

 It is recommended to use Microsoft SQL Server if you are

planning to use centralized quarantine management with multiple product installations.

 Note that the product does not support Windows Authentication

when connecting to Microsoft SQL Server. The Microsoft SQL Server that the product will use for the Quarantine database should be configured to use Mixed Mode authentication.

3.4.2

Additional Windows Components

Depending on how you deploy the product to your network system, the following Windows components may be required:

 Microsoft .NET Framework version 3.5 SP1 and Windows

Installer 4.5 are required to install Microsoft SQL Server 2008 R2 Express Edition.

 If you plan to have Microsoft SQL Server on the same server,

Microsoft .NET Framework must be installed before installing F-Secure E-mail and Server Security. Microsoft .NET Framework can be downloaded from the Microsoft Download Center.

3.4.3

Web Browser Software Requirements

In order to administer the product with the Web Console, one of the following web browsers is required:

 Microsoft Internet Explorer 6.0 or later  Mozilla Firefox 3.0 or later

If you plan to use Microsoft SQL Server 2000, 2005 or 2008, you must purchase it and obtain your own license before you start to deploy the product. To purchase Microsoft SQL Server, contact your Microsoft reseller.

(46)

Any other web browser supporting HTTP 1.0, SSL, javascripts and cookies may be used as well. Microsoft Internet Explorer 5.5 or earlier cannot be used to administer the product.

(47)

44

4

I

Installing F-Secure E-mail and Server Security from Policy

Manager ... 45

Installing F-Secure E-mail and Server Security to Microsoft

Exchange Server... 59

Upgrading from previous product versions... 78

Registering the Evaluation Version... 80

Uninstalling the Product... 81

(48)

4.1

Installing F-Secure E-mail and Server Security

from Policy Manager

Before you begin the installation, download the remote installation package from the F-Secure web site.

To install the product with F-Secure Policy Manager, follow these instructions.

Step 1. Open Policy Manager Console

Log in to Policy Manager Console with your user name and password.

If you have F-Secure E-mail and Server Security license, use F-Secure E-mail and Server Security remote installation package with the filename ess_9.20-rtm.jar.

If you have F-Secure Server Security license, use F-Secure Server Security remote installation package with the filename

(49)

Step 2. Import the Product Installation Package

1. In Policy Manager Console, open the Installation tab.

2.

Click Installation packages.

3.

Click Import.

4.

Select the product installation package file that you have downloaded.

(50)

Policy Manager imports the installation package and the product information so that it can be used to administer the product. You do not need to import the package again when you install the product to other hosts.

Step 3. Install the Product to Hosts

1. Click Push install to Windows hosts in the Installation tab to start the installation wizard.

2.

Enter either the WINS name or IP address of the target host. You can specify a list of hosts where you want to install the product.

All target hosts must be accessible from the Policy Manager Server with the address you enter.

(51)

Click Next.

3.

Select the product installation package that you imported from the list of available packages.

Click Next.

4.

In the policy selection dialog, leave Only default policy included selected.

(52)

Click Next.

5.

In the account selection dialog, specify the account that has

administrative rights to target hosts. If you are using an account that is a Domain administrator, you can usually select This account. Otherwise specify the administrative account and its password.

(53)

6.

The installation wizard shows you the summary of selected options.

Click Start.

Step 4. Select Installation Options

1. The product-specific installation wizard opens.

(54)

2.

In the keycode dialog, enter your product keycode.

Click Next.

3.

Select components to install.

Virus and Spyware protection is always installed, and Anti-Virus for Microsoft Exchange cannot be installed from Policy Manager.

(55)

To install Anti-Virus for Microsoft Exchange, see “Installing F-Secure E-mail and Server Security to Microsoft Exchange Server”, 59.

Click Next.

4.

Choose the product language.

Select Select automatically during installation to install the product in the default system language of the target host.

Click Next.

If you have F-Secure Server Security license and use F-Secure Server Security remote installation package, Browsing protection and Anti-Virus for Microsoft Exchange components are not available.

(56)

5.

Choose the Installation type.

Select Centrally managed installation and click Next.

(57)

Enter the server address as it is visible to hosts, typically http:// protocol and IP or DNS.

Select the host identification mode. Click Next.

7.

Enter any custom properties that a host may require.

Click Next.

8.

Choose the action to take if a conflicting software is installed on the host.

By default, Policy Manager Server uses port 80 for

communication with hosts. If you have assigned some other port, specify it in the URL.

(58)

Choose Uninstall conflicting software to uninstall the conflicting

software automatically and then continue the installation, or

Choose Install the product only if no conflicting software is detected to stop the installation completely if any conflicting

software is detected on the host. Click Next.

(59)

Usually, the first-time installation of the product does not require a restart. However, if it does, the installation is not completed until the computer is restarted.

Click Finish.

10.

Policy Manager prepares and pushes the installation to target hosts.

11.

When the installation is complete, click Finish.

As the server where you are installing the product may have a large number of active users, be careful which option you select.

(60)

Step 5. Import New Hosts

1. Click Import new hosts in the Installation tab.

(61)

If you have a policy tree with several domains, choose the target domain in the Import hosts to selection.

Click Import.

3.

Click Close to close the New hosts table.

4.

New hosts appear at the Policy domains tree.

Select a host to view information related to the host, for example, installed product versions and their installation status.

(62)

4.2

Installing F-Secure E-mail and Server Security to

Microsoft Exchange Server

Follow these instructions to install the product.

Step 1.

1. Download the installation file (ess920-rtm.exe) from the F-Secure web site.

2.

Run the installation file to start the installation.

3.

Click Install.

If you plan to install Microsoft SQL Server 2008 R2 Express Edition SP1 that is included in the package, and you want to control the installation, click the link under Extras to start the SQL Server installation before you install the product. Depending on your system configuration, Microsoft SQL Server installation may require that you restart the server. In this case, install the product after the restart.

(63)

Step 2.

Read the information in the Welcome screen.

(64)

Step 3.

Read the license agreement.

If you accept the agreement, check the I accept this agreement checkbox and click Next to continue.

(65)

Step 4.

Enter the product keycode.

Click Next to continue.

This step is skipped if you install the evaluation version of the product.

(66)

Step 5.

Choose the components to install.

If you do not have Microsoft Exchange Server installed on the computer, Anti-Virus for Microsoft Exchange and Spam control components are not present in the list.

Click Next to continue.

If you use F-Secure Server Security keycode to install the product, only Virus and spyware protection and DeepGuard components are present.

(67)

Step 6.

Choose the destination folder for the installation.

Click Next to continue.

(68)

If you install the product in stand-alone mode, you cannot configure settings and receive alerts and status information in F-Secure Policy Manager Console.

Click Next to continue.

If you selected the stand-alone installation, continue to Step 10., 67.

Step 8.

The centrally managed administration mode requires the public management key. Enter the path to the public management key file

admin.pub that was created during F-Secure Policy Manager setup.

You can retrieve the admin.pub file directly from Policy Manager Server. 1. Open your web browser.

2.

Go to the Policy Manager Server address, for example: http://fspm.example.local

3.

At the page that opens, find the following text:

F-Secure Policy Manager Server's management public key used by clients to verify validity of distributed policies can be downloaded from here.

If you select the stand-alone mode, use the Web Console to change product settings and to view statistics.

(69)

4.

Click the link and save the file that opens.

5.

Return to the setup and click Browse. Browse to the admin.pub file that you saved.

You can also transfer the public key other ways (use a shared folder on the file server, a USB device, or send the key as an attachment in an e-mail message).

Click Next to continue.

Step 9.

In the centrally managed administration mode, enter the IP address or URL of the F-Secure Policy Manager Server you installed earlier.

Click Next to continue.

If you do not use the default port (80) for the host communication, specify the port that you use here.

(70)

Step 10.

Enter an SMTP address that will be used by the product to send warning and informational messages to end-users.

The SMTP address should be a valid, existing address that is allowed to send messages. Click Next to continue.

(71)

Step 11.

Specify the Quarantine management method.

If you want to manage the Quarantine database locally, select Local

quarantine management. Select Centralized quarantine management if

you install the product on multiple servers. Click Next to continue.

(72)

Step 12.

Specify Microsoft SQL Server instance that you use to store the Quarantine database.

If you want to install Microsoft SQL Server 2008 R2 Express Edition and the Quarantine database on the same server as the product installation, select (a) Install and use Microsoft SQL Server 2008 R2 Express Edition. If you are using Microsoft SQL Server already, select (b) Use an existing

installation of Microsoft SQL Server.

(73)

a Specify the installation and the database directory for Microsoft SQL Server 2008 R2 Express Edition.

Enter the password for the database server administrator account (sa) that will be used to create the new database. Click Next to continue.

(74)

b Specify the computer name and instance of the SQL Server where you want to create the Quarantine database.

Enter the password for the sa account that you use to log on to the server. Click Next to continue.

(75)

Step 13.

Specify the name for the SQL database that stores information about the quarantined content.

Enter the user name and the password that you want to use to connect to the quarantine database.

• Use a different account than the server administrator account. If the new account does not exist, the product creates it during the installation.

• The password should be strong enough to comply with your current Windows password security policy.

(76)

If the server has a database with the same name, you can either use the existing database, remove the existing database and create a new one or keep the existing database and create a new one with a new name.

(77)

Step 14.

The list of components that will be installed is displayed, based on the keycode you use and the components that you selected in Step 5., 63.

(78)

Step 15.

The installation status of the components is displayed.

(79)
(80)

Click Finish to close the Setup wizard.

In some cases, you may need to restart the computer to complete the installation.

You can choose Restart later to close the Setup wizard, but we recommend that you restart the server as soon as possible, as the product does not protect the server before the restart.

(81)

4.3

Upgrading from previous product versions

Follow these instructions to install the product if you have a previous version of F-Secure Anti-Virus for Windows Servers or F-Secure Anti-Virus for Microsoft Exchange installed.

4.3.1

Upgrading from the centralized installation of F-Secure

Anti-Virus for Windows Server with Policy Manager

10.01

If you have F-Secure Anti-Virus for Windows Servers installed in your domain and you want to upgrade, we recommend that you upgrade to F-Secure Policy Manager to version 10.01 before installing E-mail and Server Security.

With F-Secure Policy Manager version 10.01, you can use Upgrade command at F-Secure Policy Manager Console to deploy and upgrade the product. You can view information about the product both in antivirus mode and in advanced mode.

4.3.2

Upgrading from F-Secure Anti-Virus for Microsoft

Exchange with Policy Manager 10.01

If you have F-Secure Anti-Virus for Microsoft Exchange installed in your domain and you want to upgrade, we recommend that you upgrade to F-Secure Policy Manager to version 10.01 before installing E-mail and Server Security.

(82)

With F-Secure Policy Manager version 10.01, you can use Upgrade command at F-Secure Policy Manager Console to deploy and upgrade the product. You can view information about the product both in antivirus mode and in advanced mode.

4.3.3

Upgrading from F-Secure Anti-Virus for Microsoft

Exchange

If you have F-Secure Anti-Virus for Microsoft Exchange version 9.00 - 9.10, follow the standard installation instructions. When the installation asks for the Policy Manager settings, select Keep current.

F-Secure Anti-Virus for Microsoft Exchange is updated only if it is installed on the host already. You cannot add F-Secure Anti-Virus for Microsoft Exchange component, but you can add or upgrade other components during the upgrade installation.

(83)

4.4

Registering the Evaluation Version

If you want to use the product after your evaluation period expires, you need a new keycode. Contact your software vendor or renew your license online.

After you have received the new keycode, you can either reinstall the product with your new keycode (see “Installing F-Secure E-mail and Server Security to Microsoft Exchange Server”, 59) or register the new keycode.

To register the new keycode:

1. Log in to the Web Console. The evaluation screen is opened.

2.

Enter the new keycode you have received and click Register Keycode.

If you do not want to continue to use the product after your evaluation license expires, you should uninstall the software.

(84)

When the license expires, the product stops receiving anti-virus database updates, and processing e-mails and messages posted to public folders. However, the messages are still delivered to the recipients.

4.5

Uninstalling the Product

To uninstall the product, select Add/Remove Programs from the Windows Control Panel. Uninstall the components in the following order:

1. F-Secure E-mail and Server Security - Spam control

2.

F-Secure E-mail and Server Security - Anti-Virus for Microsoft Exchange

3.

F-Secure E-mail and Server Security - Browsing protection

4.

F-Secure E-mail and Server Security - DeepGuard

5.

F-Secure E-mail and Server Security - Virus and spyware protection Restart the server after you have uninstalled all components.

If you use F-Secure E-mail and Server Security keycode to register the product, but you have installed only the Server Security evaluation version, you need to run the installation again to add the missing components.

If you have installed F-Secure E-mail and Server Security

evaluation version, you cannot use the Server Security keycode to register the product. Uninstall the evaluation version before you install the full Server Security product.

Some files and directories may remain after the uninstallation and can be removed manually.

(85)

82

5

C

P

RODUCT

Configuring the Product... 83

Network Configuration... 84

Configuring F-Secure Spam Control ... 86

(86)

5.1

Configuring the Product

The product is fully functional only after it receives the first automatic update. The first update can take longer time than the following updates. The product uses mostly default settings after the installation and the first update. We recommend that you go through all the settings of the installed components.

 Configure the product.

If the product has been installed in the centralized administration mode, use F-Secure Policy Manager Console to configure the settings and distribute the policy.

If the product has been installed in stand-alone mode, use the Web Console to configure the settings.

 To make sure that the Real-time Protection Network is enabled,

go to the Privacy page in the Web Console and select Yes, I want

to participate in the Real-time Protection Network.

With Real-time Protection Network, you benefit from the cloud-based F-Secure technology of exchanging information about threats with other participants all over the world. To change the setting with Policy Manager Console, go to:

F-Secure Real-time Protection Network Client / Settings / Participate in the Real-time Protection Network.

 Specify the IP addresses of hosts that belong to your

organization. For more information, see “Network Configuration”,

84.

 Verify that the product is able to retrieve the virus and spam

References

Related documents

In this research it was found that the injection system used for a Fluid Coker TM can be altered to maintain the Pre-Mixer pressure, liquid flux, gas-liquid ratio, and stability

We argue that the CDM is a spatial fix to the ecological crisis of climate change, which secures production conditions for the fossil fuel industry and promotes new sites

This guide is intended to help you understand how to see, get a copy of, and correct or amend medical records from Ohio health care providers who have to follow the HIPAA Privacy

ƒ Repair, alteration and maintenance of necessary equipment. The provider is responsible for the fulfillment of all warranty service and warranty repair. It is important to

The purpose of these guidelines is to help parents and service providers learn more about the use of assistive technology with infants and toddlers with special needs and to

(It is the fact that the canonical strip has all the diagonal hinges in the same direction that forces alternation between left and right turns from folding only at diagonal

The research presented in this paper addresses the themes of generative design, material computation, large-scale fabrication and assembly technologies by incorporating two

The items and services that are covered under the Hearing Aid Benefit are outlined in the MCSS Schedule of Services and Fees for Hearing Aids, Devices and Services (“the